Benbe

**Name of the Vulnerable Software and Affected Versions** GeSHi versions prior to 1.0.8.11 **Description** The issue concerns multiple directory traversal vulnerabilities in the cssgen contrib module. These vulnerabilities allow remote attackers to read arbitrary files by utilizing a .. (dot dot) in the `geshi-path` or `geshi-lang-path` parameter. **Recommendations** For versions prior to 1.0.8.11, update to version 1.0.8.11 or later to resolve the issue. As a temporary workaround, consider restricting access to the cssgen contrib module until the update is applied. Avoid using the `geshi-path` and `geshi-lang-path` parameters in a way that could facilitate directory traversal attacks.